18243bbd0820e54d4c412a781e805a45_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18243bbd0820e54d4c412a781e805a45_JaffaCakes118
Size

1.0MB
MD5

18243bbd0820e54d4c412a781e805a45
SHA1

80a013b92798e72c2fa30f45a05404ce14a245f8
SHA256

ea98e871de6349e7feed979b16658195a0737dc2ca697167f7882e170081b2b4
SHA512

b5a8d6999564037d5c1fe8e0494b7ef19af1b597e9a9149cb0f989bc4074962a3de30613b61af00a0f49a424a3f02d052dc25b8e0b42140f56efdb5e8306cb37
SSDEEP

24576:YcNWkhQ1/95yjPiIfEAu8vA9lhgNbat8qDU2oEx8Y:BWR1/bcRfDdM8eZDUC8Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/账号密码输入助手/帐号密码输入助手.exe

Files

18243bbd0820e54d4c412a781e805a45_JaffaCakes118
.rar
账号密码输入助手/DataBase/Lc_AddList.mdb
账号密码输入助手/DataBase/TimeData.ini
账号密码输入助手/帐号密码输入助手.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.TTP
Size: 995KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.TTP
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.TTP
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.TTP
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.TTP
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
账号密码输入助手/新云软件.url
.url
账号密码输入助手/说明.txt